Blink and you might have missed the latest security hole in Nvidia’s user-experience boosting GeForce Experience suite. However, despite the recent fix, security experts are suggesting you uninstall the program.
Nvidia was informed about the existence of a security exploit on April 16, and the company sewed up the hole in Version 3.19 of the GeForce Experience software, released at the end of May. The key takeaway is that all GFE users need to update their software to 3.19 as soon as possible to ensure you’re safe from internet bad guys looking to hack the planet.
Nvidia’s update claims that they’ve fixed issues “that may lead to information disclosure, escalation of privileges, denial of service or code execution” so there’s plenty of reasons to upgrade to the latest version.
Related: Best VPN 2019
Rhino Security Labs, who discovered the exploit, claimed that there was “a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. Such an attack may lead to code execution, denial of service, or information disclosure.” You could be effected with just a couple of clicks on a malicious website.
This vulnerability is open in every version of the software before 3.19, so just to labour the point: go and update to 3.19 already if you have the GeForce Experience installed.
However, Rhino has claimed that “it is a good idea to simply uninstall it from your system to reduce the additional attack surface it introduces.” That is, unless you actually need to use it. They’ve also claimed that while Nvidia has fixed this specific problem, vulnerabilities remain with GeForce Experience’s webhelper tool, so expect more security updates from Nvidia soon.